Wow .. ok.. So according to the very end of the Video, We lost our USB Drive, we Disabled our Last Pass Authentication on that drive ... so now it? That was a heck of a place to stop the video, - Even a ticker remark to show "There IS Life after losing your Authentication key!" would have been nice. Correct me if Im wrong, but wouldnt a VPN be a nice for this application?

This seems like a great solution for people that want LastPass to be more secure but don't want to fork over the money for a YubiKey and already have too many thumb drives lying around to even count. --although I wouldn't trust using any old thumb drive on a public computer. I might have to pick up on of those handy-dandy read-only thumb drives. No malware for me thank you very much!!

Now here's where everything could go wrong. If you logged into your email account connected to LastPass, the keylogger would have your email un/pw and that hacker could have LastPass email you a link (bypassing Sesame). The hacker could access that email account, activate the link LastPass sent, gain access to your LastPass account, and change all your passwords. The solution: Don't sign onto both LastPass and your email on public computers, or have a separate email account for LastPass.

For those of you knocking the ability to bypass Sesame via an email, you're thinking about the problem incorrectly. Here's a possible scenario: you went on a public computer, you decided to log on to LastPass via the native internet browser (first mistake right there--use a portable browser on pub computers), and a key logger picked up your LastPass un/pw. This hacker tries to log onto your vault, but because you use, sesame, he/she can't initially. (continued next comment)

Does anybody else find it HILARIOUS that a SECURITY company uses internet explorer as the standard browser?

Otherwise, good tutorial.

I can't use Grid authentication AND Sesame? PS: For those of you turned off by the ability to disable authentication via email, just make your email's password really strong.

Last step turned me off :c this isn't very impressive if you can bypass sesame that easily.

so basically this is only as secure as the email account used...

@zaptree2 Yes, if you use gmail I recommend turning on 2 step verification

but....but... but..... my email credentials are in the Lastpass?!?!?

@Screamer1989 Unless that hacker already has your email credentials, they couldn't possibly get into your vault in the first place (they can't work around Sesame). They would not be able to get into your vault in the first place without that email address, which you say that could get from your LastPass, but they would never get that far, so in that sense, there's nothing to worry about. ---Unless you're just trying to be funny right now, I can't quite tell :)

Tried

.youtube.com/watch?v=KrWXc5k8V­Iw